1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * Copyright (c) 2017 Cyril Hrubis <chrubis@suse.cz>
4  */
5 
6 #ifndef LAPI_KEYCTL_H__
7 #define LAPI_KEYCTL_H__
8 
9 #include "config.h"
10 
11 #if defined(HAVE_KEYUTILS_H) && defined(HAVE_LIBKEYUTILS)
12 # include <keyutils.h>
13 #else
14 # ifdef HAVE_LINUX_KEYCTL_H
15 #  include <linux/keyctl.h>
16 # endif /* HAVE_LINUX_KEYCTL_H */
17 
18 # include <stdarg.h>
19 # include <stdint.h>
20 # include "lapi/syscalls.h"
21 typedef int32_t key_serial_t;
22 
/*
 * Fallback add_key(2) wrapper, compiled only when the libkeyutils
 * header and library are not both available.
 *
 * Hands type, description, payload, plen and ringid unchanged to the raw
 * __NR_add_key syscall through tst_syscall() and returns the result
 * converted to key_serial_t. No argument is validated here; the kernel
 * performs all checks.
 */
static inline key_serial_t add_key(const char *type, const char *description,
				   const void *payload, size_t plen,
				   key_serial_t ringid)
{
	key_serial_t serial;

	serial = tst_syscall(__NR_add_key, type, description, payload, plen,
			     ringid);

	return serial;
}
32 
/*
 * Fallback request_key(2) wrapper, compiled only when the libkeyutils
 * header and library are not both available.
 *
 * Forwards type, description, callout_info and destringid unchanged to the
 * raw __NR_request_key syscall through tst_syscall() and returns the
 * result converted to key_serial_t.
 */
static inline key_serial_t request_key(const char *type,
				       const char *description,
				       const char *callout_info,
				       key_serial_t destringid)
{
	key_serial_t serial;

	serial = tst_syscall(__NR_request_key, type, description,
			     callout_info, destringid);

	return serial;
}
41 
/*
 * Fallback keyctl(2) wrapper, compiled only when the libkeyutils header
 * and library are not both available.
 *
 * Whatever cmd is, exactly four unsigned long values are fetched from the
 * variadic list and forwarded as arg2..arg5 of the raw __NR_keyctl syscall.
 *
 * NOTE(review): because four values are always read, callers should pass
 * four arguments of unsigned long type. Fetching a variadic argument that
 * was not supplied, or whose type is not compatible with unsigned long,
 * is undefined behaviour in C even if the kernel ignores the value.
 */
static inline long keyctl(int cmd, ...)
{
	unsigned long args[4];
	unsigned int i;
	va_list ap;

	va_start(ap, cmd);
	for (i = 0; i < 4; i++)
		args[i] = va_arg(ap, unsigned long);
	va_end(ap);

	return tst_syscall(__NR_keyctl, cmd,
			   args[0], args[1], args[2], args[3]);
}
56 
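/*
 * The fallback definition of this command number sits further down in this
 * header, after this function. Define it here as well so the wrapper also
 * builds when <linux/keyctl.h> did not provide it; the later #ifndef guard
 * then simply finds it already defined.
 */
#ifndef KEYCTL_JOIN_SESSION_KEYRING
# define KEYCTL_JOIN_SESSION_KEYRING 1
#endif

/*
 * Issue KEYCTL_JOIN_SESSION_KEYRING for the keyring called name and return
 * the keyctl() result converted to key_serial_t.
 *
 * keyctl() always reads four unsigned long variadic arguments, so all four
 * are passed explicitly: the name pointer converted to unsigned long and
 * three zero placeholders. Passing only the pointer would make keyctl()
 * read arguments that were never supplied, which is undefined behaviour and
 * would hand indeterminate values to the syscall.
 */
static inline key_serial_t keyctl_join_session_keyring(const char *name)
{
	return keyctl(KEYCTL_JOIN_SESSION_KEYRING, (unsigned long)name,
		      0UL, 0UL, 0UL);
}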
60 
61 #endif /* defined(HAVE_KEYUTILS_H) && defined(HAVE_LIBKEYUTILS) */
62 
/*
 * Special process keyring shortcut IDs.
 *
 * Fallback values, each defined only when the system headers included
 * above did not already provide the name.
 */
#ifndef KEY_SPEC_THREAD_KEYRING
# define KEY_SPEC_THREAD_KEYRING -1		/* thread keyring */
#endif

#ifndef KEY_SPEC_PROCESS_KEYRING
# define KEY_SPEC_PROCESS_KEYRING -2		/* process keyring */
#endif

#ifndef KEY_SPEC_SESSION_KEYRING
# define KEY_SPEC_SESSION_KEYRING -3		/* session keyring */
#endif

#ifndef KEY_SPEC_USER_KEYRING
# define KEY_SPEC_USER_KEYRING -4		/* user keyring */
#endif

#ifndef KEY_SPEC_USER_SESSION_KEYRING
# define KEY_SPEC_USER_SESSION_KEYRING -5	/* user session keyring */
#endif
84 
/*
 * Request-key default keyring selectors.
 *
 * Fallback values, each defined only when the system headers included
 * above did not already provide the name.
 */
#ifndef KEY_REQKEY_DEFL_DEFAULT
# define KEY_REQKEY_DEFL_DEFAULT	0
#endif

#ifndef KEY_REQKEY_DEFL_THREAD_KEYRING
# define KEY_REQKEY_DEFL_THREAD_KEYRING 1
#endif

#ifndef KEY_REQKEY_DEFL_SESSION_KEYRING
# define KEY_REQKEY_DEFL_SESSION_KEYRING 3
#endif
97 
/*
 * keyctl() command numbers.
 *
 * Fallback values, each defined only when the system headers included
 * above did not already provide the name. The list is not contiguous:
 * only the commands defined here are covered.
 */
#ifndef KEYCTL_GET_KEYRING_ID
# define KEYCTL_GET_KEYRING_ID 0		/* look up a keyring ID */
#endif

#ifndef KEYCTL_JOIN_SESSION_KEYRING
# define KEYCTL_JOIN_SESSION_KEYRING 1		/* join a session keyring */
#endif

#ifndef KEYCTL_UPDATE
# define KEYCTL_UPDATE 2			/* update a key */
#endif

#ifndef KEYCTL_REVOKE
# define KEYCTL_REVOKE 3			/* revoke a key */
#endif

#ifndef KEYCTL_SETPERM
# define KEYCTL_SETPERM 5			/* set a key's permission mask */
#endif

#ifndef KEYCTL_DESCRIBE
# define KEYCTL_DESCRIBE 6			/* describe a key */
#endif

#ifndef KEYCTL_CLEAR
# define KEYCTL_CLEAR 7				/* clear a keyring */
#endif

#ifndef KEYCTL_UNLINK
# define KEYCTL_UNLINK 9			/* unlink a key from a keyring */
#endif

#ifndef KEYCTL_SEARCH
# define KEYCTL_SEARCH 10			/* search a keyring */
#endif

#ifndef KEYCTL_READ
# define KEYCTL_READ 11				/* read a key's payload */
#endif

#ifndef KEYCTL_SET_REQKEY_KEYRING
# define KEYCTL_SET_REQKEY_KEYRING 14		/* set the request-key default keyring */
#endif

#ifndef KEYCTL_SET_TIMEOUT
# define KEYCTL_SET_TIMEOUT 15			/* set a key's timeout */
#endif

#ifndef KEYCTL_ASSUME_AUTHORITY
# define KEYCTL_ASSUME_AUTHORITY 16		/* assume request-key authority */
#endif

#ifndef KEYCTL_GET_SECURITY
# define KEYCTL_GET_SECURITY 17			/* get a key's security label */
#endif

#ifndef KEYCTL_INVALIDATE
# define KEYCTL_INVALIDATE 21			/* invalidate a key */
#endif

#ifndef KEYCTL_GET_PERSISTENT
# define KEYCTL_GET_PERSISTENT 22		/* get a persistent keyring */
#endif

#ifndef KEYCTL_DH_COMPUTE
# define KEYCTL_DH_COMPUTE 23			/* Diffie-Hellman computation */
#endif

#ifndef KEYCTL_WATCH_KEY
# define KEYCTL_WATCH_KEY 32			/* watch a key for changes */
#endif
170 
/*
 * Key permission mask bits.
 *
 * The mask holds one byte per class: POS (possessor) in bits 24-29,
 * USR (user) in bits 16-21, GRP (group) in bits 8-13 and OTH (other) in
 * bits 0-5. Within a byte the six rights are VIEW, READ, WRITE, SEARCH,
 * LINK and SETATTR, and *_ALL is the OR of those six bits.
 *
 * The whole table is guarded by KEY_POS_VIEW alone, so a system header
 * that defines KEY_POS_VIEW is expected to define every other name too.
 */
#ifndef KEY_POS_VIEW
/* possessor */
# define KEY_POS_VIEW    0x01000000
# define KEY_POS_READ    0x02000000
# define KEY_POS_WRITE   0x04000000
# define KEY_POS_SEARCH  0x08000000
# define KEY_POS_LINK    0x10000000
# define KEY_POS_SETATTR 0x20000000
# define KEY_POS_ALL     0x3f000000

/* user */
# define KEY_USR_VIEW    0x00010000
# define KEY_USR_READ    0x00020000
# define KEY_USR_WRITE   0x00040000
# define KEY_USR_SEARCH  0x00080000
# define KEY_USR_LINK    0x00100000
# define KEY_USR_SETATTR 0x00200000
# define KEY_USR_ALL     0x003f0000

/* group */
# define KEY_GRP_VIEW    0x00000100
# define KEY_GRP_READ    0x00000200
# define KEY_GRP_WRITE   0x00000400
# define KEY_GRP_SEARCH  0x00000800
# define KEY_GRP_LINK    0x00001000
# define KEY_GRP_SETATTR 0x00002000
# define KEY_GRP_ALL     0x00003f00

/* other */
# define KEY_OTH_VIEW    0x00000001
# define KEY_OTH_READ    0x00000002
# define KEY_OTH_WRITE   0x00000004
# define KEY_OTH_SEARCH  0x00000008
# define KEY_OTH_LINK    0x00000010
# define KEY_OTH_SETATTR 0x00000020
# define KEY_OTH_ALL     0x0000003f
#endif /* !KEY_POS_VIEW */
205 
/*
 * Checked keyctl() call for tests.
 *
 * Runs keyctl(cmd, arg2, arg3, arg4, arg5) and reports through tst_brk_()
 * with TBROK when the result is not an accepted success value for cmd:
 *
 *  - a return of -1 is reported with TERRNO for every command;
 *  - for the commands listed in the first case group any negative return
 *    is a failure, non-negative values are accepted;
 *  - KEYCTL_ASSUME_AUTHORITY must return 0 when arg2 is 0 and a
 *    non-negative value otherwise;
 *  - every other command must return exactly 0.
 *
 * file and lineno identify the call site in the report. The keyctl()
 * result is returned unchanged.
 */
static inline long safe_keyctl(const char *file, const int lineno,
	int cmd, unsigned long arg2, unsigned long arg3,
	unsigned long arg4, unsigned long arg5)
{
	const long ret = keyctl(cmd, arg2, arg3, arg4, arg5);
	int invalid;

	if (ret == -1) {
		tst_brk_(file, lineno, TBROK | TERRNO,
			"keyctl(%d, %lu, %lu, %lu, %lu)",
			cmd, arg2, arg3, arg4, arg5);
	}

	switch (cmd) {
	case KEYCTL_GET_KEYRING_ID:
	case KEYCTL_JOIN_SESSION_KEYRING:
	case KEYCTL_DESCRIBE:
	case KEYCTL_SEARCH:
	case KEYCTL_READ:
	case KEYCTL_SET_REQKEY_KEYRING:
	case KEYCTL_GET_SECURITY:
	case KEYCTL_GET_PERSISTENT:
	case KEYCTL_DH_COMPUTE:
		/* These commands return a value; only negatives are errors. */
		invalid = (ret < 0);
		break;
	case KEYCTL_ASSUME_AUTHORITY:
		/* With arg2 == 0 the call must return 0, otherwise >= 0. */
		invalid = arg2 ? (ret < 0) : (ret != 0);
		break;
	default:
		/* Everything else is expected to return exactly 0. */
		invalid = (ret != 0);
		break;
	}

	if (invalid) {
		tst_brk_(file, lineno, TBROK,
			"keyctl(%d, %lu, %lu, %lu, %lu) returned %ld",
			cmd, arg2, arg3, arg4, arg5, ret);
	}

	return ret;
}

/* Call safe_keyctl() with the caller's file name and line number. */
#define SAFE_KEYCTL(cmd, arg2, arg3, arg4, arg5) \
	safe_keyctl(__FILE__, __LINE__, \
	     (cmd), (arg2), (arg3), (arg4), (arg5))
254 
255 #endif	/* LAPI_KEYCTL_H__ */
256